How an MSP Uses a Cloud Directory to Manage Remote Users & Devices, Reduce Costs


Matchstick Birmingham is an IT consulting and contracting firm in Birmingham, Alabama. The managed service provider’s (MSP) founder, Brian Coleman, spent more than two decades as an IT administrator before launching his own business to serve small- and medium-sized businesses in the U.S. South.

He needed a solution to provide complete identity, access, and device management for his clients — regardless of where they’re located in the region.

  • Organization: Matchstick Birmingham
  • Location: Birmingham, Alabama
  • Problem: Clients across the region need identity, access, and device management
  • Goal: Cloud-based and remote-friendly solution

Background

Coleman previously worked as an Active Directory administrator, most recently for a healthcare informatics company. When the company acquired a Mac shop, the IT team knew they needed a better solution to manage those devices.

They integrated the JumpCloud Directory Platform into their infrastructure to extend AD identities to Macs and to manage those devices. When Coleman started his own firm, he integrated JumpCloud into his offerings to clients.

Challenges: Combining Identity & Device Management 

Coleman’s clients come to him with a variety of IT needs, and he requires a vendor-agnostic solution to meet each of their use cases. These include:

  • Replacing Active Directory and eliminating on-prem infrastructure
  • Avoiding lock-in with the Google or Microsoft ecosystems
  • Securing remote users
  • Managing user identities and resource access
  • Extending those identities to Windows and Mac devices and managing those devices

Often, his clients need to implement identity management for the first time. They also need to work out how to implement it alongside device management.

“Your laptop is an extension of you,” Coleman said. “It’s not like the old days. Device management must go hand in hand with identity management now. We need to make sure not only that each device is compliant and behaving correctly but also that each person is the only one who can access their laptop.”

Using JumpCloud, Coleman helps these organizations achieve both without a heavy upfront investment.

Solution: IT Solution Powered by JumpCloud

Coleman provides implementation services, as well as ongoing IT services. He describes Matchstick Birmingham as an IT solution powered by JumpCloud.

“It was a lightbulb moment,” Coleman said. “I can take JumpCloud and where needed throw in some spices — whether it’s an AV solution or a backup solution — and I can take that and sell it. That can be my product.”

With JumpCloud, his clients get a lightweight but powerful solution that he and his team can manage from anywhere.

“A lot of organizations never had identity management — they just winged it,” he said.

“Now, I’m showing them that you don’t have to commit to a gigantic investment in on-prem servers and licensing for Windows 2020. JumpCloud is simple and has an incredibly light footprint.”

Coleman and his team manage each of their client organizations through JumpCloud’s Multi-Tenant Portal (MTP) — a centralized dashboard that lets MSPs view and manage each instance.

The team integrates the platform with Mac and Windows devices, productivity suites, web applications, cloud infrastructure, Wi-Fi networks, VPNs, and other resources. They centrally manage user identities and extend them to all their resources. From the same platform, they deploy pre-built policies and custom commands to configure and secure user devices, including enforcing full-disk encryption, a critical feature particularly for their healthcare clients.

They also use JumpCloud Apple MDM for remote management of Mac devices — “I live and die for JumpCloud MDM,” Coleman said.

Insights: Directory Events & Device Health

Coleman and his team provide their clients with monitoring and analysis using Directory Insights, a feature that aggregates event logs with visibility across user and admin events. They analyze the data each morning and look for anomalies, and they turn to the data in the case of a security incident. For some clients, they also export that data to a SIEM for programmatic analysis.

They pair Directory Insights with System Insights, a feature that returns key asset, security, and configuration data about user devices. For example, they can analyze what’s consuming a device’s RAM or the last time it was restarted. That way, they can ensure devices perform optimally and are configured appropriately, as well as make more accurate purchasing decisions.

“Too many times, the decision to recycle or refresh equipment is made because a person complains,” Coleman said. “But you need to have foundational facts — and that’s where System Insights comes in.”

Transition to Remote Work

Coleman and his team were also able to quickly shift their clients to remote work at the beginning of the pandemic, and users didn’t require a VPN to continue accessing their resources. They continued to access their devices and other resources in the same way, with one set of credentials per user.

“For the clients that I worked with that already had JumpCloud in place, it was seamless,” Coleman said. “It was great to be able to tell leadership at these places: Don’t worry. Your employees are going to work just as they did in the office, at home. I saw a bunch of worried people suddenly become relaxed when I was able to describe how this was going to work.”

Implementation: “It’s a Game Changer”

To implement JumpCloud for new clients, Coleman starts with user devices. When they already have laptops, he takes over the local user accounts to begin managing them with JumpCloud. In other cases, he prepares new laptops for users.

“We can provision users and assign those users directly to the machines without touching them,” he said. “It’s a game changer to be able to create and provision new users no matter where they are — especially now, with the pandemic and offices essentially going away.”

He and his team install the JumpCloud agent on the device and move it to a device group in JumpCloud — New Deployments. They have a set of commands they run against the group, which is particularly helpful for large deployments. Then they move the devices out of the New Deployments group and into other ongoing device management groups.

They also integrate JumpCloud with Active Directory, Microsoft 365, and Google Workspace to import existing users, centralize management of those identities in JumpCloud, and federate them to other resources. He also uses JumpCloud to switch organizations from Microsoft to Google or vice versa without affecting their work.

“I’ve talked with countless IT leadership — CIOs and CTOs — about which provider they should choose,” he said. “Previously, it’s been a big deal. Now, it’s easy. I can say, ‘Choose which provider suits your needs today, and we can address this tomorrow without having to tear the house down and build it back up again.’ ”

The Result

In all, Coleman has built his business on the foundation of his IT expertise and JumpCloud to deliver seamless and cost-effective IT implementation and managed services for companies across the South. 

“If it weren’t for JumpCloud, my dream of making this small company a success would never have happened.”

Learn More

JumpCloud Directory Platform is a comprehensive platform to manage user identities, resource access, and devices — Mac, Windows, and Linux — from anywhere.

JumpCloud offers a Partner program for MSPs and resellers, including competitive margins and co-marketing opportunities.

About JumpCloud

The JumpCloud Directory Platform provides secure, frictionless user access from any device to any resource, regardless of location.